In response to "Roberts, Jon" <Jon.Roberts@asurion.com>:
> Is it possible yet in PostgreSQL to hide the source code of functions from
> users based on role membership? I would like to avoid converting the code
> to C to secure the source code and I don't want it obfuscated either.
>
> In an ideal world, if a user can't modify a function, he/she shouldn't be
> able to see the source code. If the user can execute the function, then the
> user should be able to see the signature of the function but not the body.
I doubt that's going to happen. Mainly because I disagree completely
with your ideal world description (any user who can execute a function
should have the right to examine it to see what it actually does).
I suspect that others would agree with me, the result being that there's
no universally-agreed-on approach. As a result, what _really_ needs to
be done is an extra permission bit added to functions so administrators
can control who can view the function body.
--
Bill Moran
Collaborative Fusion Inc.
http://people.collaborativefusion.com/~wmoran/
wmoran@collaborativefusion.com
Phone: 412-422-3463x4023
